NSE4 Exam Details

  • Exam Code
    :NSE4
  • Exam Name
    :Fortinet Network Security Expert 4 Written Exam (400)
  • Certification
    :Fortinet Certifications
  • Vendor
    :Fortinet
  • Total Questions
    :301 Q&As
  • Last Updated
    :Apr 21, 2024

Fortinet NSE4 Online Questions & Answers

  • Question 1:

    Examine the static route configuration shown below; then answer the question following it. config router static edit 1 set dst 172.20.1.0 255.255.255.0 set device port1 set gateway 172.11.12.1 set distance 10 set weight 5 next edit 2 set dst 172.20.1.0 255.255.255.0 set blackhole enable set distance 5 set weight 10 next end Which of the following statements correctly describes the static routing configuration provided? (Choose two.)

    A. All traffic to 172.20.1.0/24 is dropped by the FortiGate.
    B. As long as port1 is up, all traffic to 172.20.1.0/24 is routed by the static route number 1. if the interface port1 is down, the traffic is routed using the blackhole route.
    C. The FortiGate unit does NOT create a session entry in the session table when the traffic is being routed by the blackhole route.
    D. The FortiGate unit creates a session entry in the session table when the traffic is being routed by the blackhole route.

  • Question 2:

    Review the IPsec phase 2 configuration shown in the exhibit; then answer the question below.

    Which statements are correct regarding this configuration? (Choose two.)

    A. The Phase 2 will re-key even if there is no traffic.
    B. There will be a DH exchange for each re-key.
    C. The sequence number of ESP packets received from the peer will not be checked.
    D. Quick mode selectors will default to those used in the firewall policy.

  • Question 3:

    Which of the following statements is correct concerning multiple vdoms configured in a FortiGate device?

    A. FortiGate devices,from the FGT/FWF 60D and above, all support VDOMS.
    B. All FortiGate devices scale to 250 VDOMS.
    C. Each VDOM requires its own FortiGuard license.
    D. FortiGate devices support more NAT/route VDOMs than Transparent Mode VDOMs.

  • Question 4:

    Which of the following statements are true regarding WAN Link Load Balancing? (Choose two).

    A. There can be only one virtual WAN Link per VDOM.
    B. FortiGate can measure the quality of each link based on latency, jitter, or packets percentage.
    C. Link health checks can be performed over each link member if the virtual WAN interface.
    D. Distance and priority values are configured in each link member if the virtual WAN interface.

  • Question 5:

    Which network protocols are supported for administrative access to a FortiGate unit? (Choose three.)

    A. SMTP
    B. WINS
    C. HTTP
    D. Telnet
    E. SSH

  • Question 6:

    To which remote device can the FortiGate send logs? (Choose three.)

    A. Syslog
    B. FortiAnalyzer
    C. Hard drive
    D. Memory
    E. FortiCloud

  • Question 7:

    If you enable the option "Generate Logs when Session Starts", what effect does this have on the number of traffic log messages generated for each session?

    A. No traffic log message is generated.
    B. One traffic log message is generated.
    C. Two traffic log messages are generated.
    D. A log message is only generated if there is a security event.

  • Question 8:

    Which of the following statements are correct regarding SSL VPN Web-only mode? (Choose two.)

    A. It can only be used to connect to web services.
    B. IP traffic is encapsulated over HTTPS.
    C. Access to internal network resources is possible from the SSL VPN portal.
    D. The standalone FortiClient SSL VPN client CANNOT be used to establish a Web-only SSL VPN.
    E. It is not possible to connect to SSH servers through the VPN.

  • Question 9:

    For data leak prevention, which statement describes the difference between the block and quarantine actions?

    A. A block action prevents the transaction. A quarantine action blocks all future transactions, regardless of the protocol.
    B. A block action prevents the transaction. A quarantine action archives the data.
    C. A block action has a finite duration. A quarantine action must be removed by an administrator.
    D. A block action is used for known users. A quarantine action is used for unknown users.

  • Question 10:

    Data leak prevention archiving gives the ability to store session transaction data on a FortiAnalyzer unit for which of the following types of network traffic? (Choose three.)

    A. POP3
    B. SNMP
    C. IPsec
    D. SMTP
    E. HTTP

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Fortinet exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your NSE4 exam preparations and Fortinet certification application, do not hesitate to visit our Vcedump.com to find your solutions here.